It is possible for an attacker to create malicious Wi-Fi networks in order to crash nearby users’ mobile devices with incredible accuracy.

The "No iOS Zone" attack can even make iOS devices within range completely unusable by triggering constant reboots.

It is nothing but a DoS attack…

...that makes the device inaccessible to its users, just like in the case of websites and servers.

"Anyone can take any router and create a [malicious] Wi-Fi hotspot that forces [nearby users] to connect to [attackers] network, and then manipulate the traffic to cause [their mobile] apps and the operating system to crash," said Sharabani speaking at the RSA Conference.

So, what can be done to get rid of an attacker's malicious Wi-Fi?

Just Run Away!

Yeah! It sounds really strange, but users have no other choice if they find themselves in this situation.

The only thing that could be done by iOS users is to run away from that malicious hotspot's range.

"There is nothing you can do about it other than physically running away from the attackers," Sharabani said. "This is not a denial-of-service [attack] where you can't use your Wi-Fi; this is a denial-of-service [attack] so you can't use your device even in offline mode."

Another good measure is to simply avoid the free wireless networks you find in the street providing public Internet access.

Now, let's learn how it is possible:

All an attacker needs to do is create a malicious wireless network that uses the Wi-Fi connection to manipulate SSL certificates sent to iOS handsets.

Once the devices are connected to this malicious wireless hotspot, the attacker can launch a maliciously crafted script that forces a denial-of-service (DoS) condition, causing the apps as well as the phone to crash.

Here's the Video Demonstration:

The duo has also produced videos showing the DoS attack on iOS devices in action. You can watch the video below. You can also download the PDF related to this wireless attack.

Both Sharabani and Amit have contacted Apple about this issue, but it is not yet clear whether the company has released a complete fix.

For this reason, the duo has decided not to provide any additional technical details about the flaws and issues they exploited in their attack, to make sure iOS users are not exposed to the danger of an exploit for this vulnerability.

Sad but True! Your Apple Mac computer is vulnerable to a serious privilege escalation flaw, dubbed "RootPipe," even if you are running the latest version of Mac OS X.

What’s RootPipe?

Back in October 2014, Swedish white hat hacker Emil Kvarnhammar claimed to have discovered a critical privilege escalation vulnerability, a backdoor he dubbed "RootPipe," in some versions of Mac OS X, including the then-newest version, 10.10 Yosemite.

The vulnerability (CVE-2015-1130) could allow an attacker to take full control of your desktop Mac computer or MacBook laptop, even without any authentication.

Keeping in mind the devastating effect of the RootPipe vulnerability, the researcher privately reported the flaw to Apple and did not disclose the details of the flaw publicly until the company released a patch to fix it.

Apple did release an update but failed to patch RootPipe:

Earlier this month, Apple released the latest version of Mac OS X Yosemite, i.e. OS X Yosemite 10.10.3, and claimed to have fixed the so-called Rootpipe backdoor, which had been residing on Mac computers since 2011.

However, the company did not fix the flaw in the older versions (below 10.10) of the operating system due to an uncodified Apple policy on patching, leaving tens of millions of Mac users at risk.

"Apple indicated that this issue required a substantial amount of changes on their side and that they would not backport the fix to 10.9.x and older," Kvarnhammar said in a blog post on the TrueSec website.

But here’s the worst part:

Apple’s RootPipe patch for Mac OS X Yosemite 10.10.3 is itself claimed to be vulnerable, which again leaves all Mac machines vulnerable to RootPipe attacks.

Holy Crap!

Patrick Wardle, an ex-NSA staffer and current director of R&D at Synack, claimed to have discovered…

...a new way around Apple's security fix to abuse the Rootpipe vulnerability again, once more opening a path to the highest privilege level: root access.

This time, though, the attack requires a hacker to have already gained local privileges, which could most likely be obtained via a working exploit of other software sitting on Mac machines.

Here’s the Video Demonstration:

Wardle has demonstrated his hack attack in action in a video proof-of-concept (POC), which you can watch below:

Wardle has already reported his findings to Apple’s security team and will not publicly disclose the details of his attack code until the company issues a complete and unbreakable fix.

Now, let's just hope to get a tough fix for the Rootpipe backdoor from Apple this time. Last time the company took nearly six months to release a patch, which Wardle then fooled while sitting on a flight.

Magento, the most popular e-commerce platform, owned by eBay, is once again in the news, this time for a critical Remote Code Execution (RCE) vulnerability affecting hundreds of thousands of online merchants worldwide.

If exploited, the critical vulnerability could allow a hacker to completely compromise any online store powered by Magento and gain access to credit card details and other financial as well as personal information related to the customers.

Which isn’t great?

The attack on the Magento platform exploits a series of vulnerabilities that ultimately allow unauthenticated attackers to execute any PHP code of their choice on the web server.

All the vulnerabilities that lead to the remote code execution (RCE) flaw are present in the Magento core code, and affect the default installation of both Magento Community and Magento Enterprise Editions.

Running arbitrary code on the web server gives attackers the ability to bypass all security mechanisms and gain complete control of the vulnerable online store and its complete database, thereby allowing credit card theft and other administrative access into the system.

The worst part:

The most disturbing part is that this vulnerability was discovered by security researchers on the Check Point research team and reported to Magento, together with a list of suggested fixes, back in January this year.

Without any delay, Magento also released a patch (SUPEE-5344) to address the vulnerability on February 9, 2015.

However, it’s been more than two months since the release of the patch and still more than 50 percent of all Magento websites are vulnerable to the attacks, which is all the worse because they are e-commerce websites.

"The vulnerability we uncovered represents a significant threat not to just one store, but to all of the retail brands that use the Magento platform for their online stores -- which represents about 30% of the ecommerce market," Check Point wrote in a blog post on Monday.

So, you need to patch your Magento site now!

Therefore, online store owners and administrators are urged to apply the patch immediately, as the impact of Magento e-commerce websites getting compromised can be devastating for all online buyers who make or have made use of a website built on the platform.

Recently, it was also discovered that cybercriminals are malvertising legitimate Magento e-commerce websites in order to send all the data, including credit card details, submitted by customers during the checkout procedure to a third-party malicious site controlled by attackers.

In order to prove the jailbreak on iOS 8.4 beta 1, the hacker shows off the Apple Watch companion app, the newly redesigned Music app, and the new Emoji keyboard as well, while giving the video demonstration.

The video demonstration by the hacker proved an actual jailbreak for iOS 8.4 beta 1, but don’t expect a public iOS jailbreak tool for iOS 8.4 or any other firmware from i0n1c.

No doubt this seems to be great news for all Jailbreakers, but actually it’s not…

...because i0n1c has not released any iOS jailbreak tool for iOS 8.4 beta 1, and he won't. So, don’t get excited about an iOS jailbreak tool for 8.4 beta 1.

i0n1c has contributed to the development of untethered iOS jailbreak tools in the past, and this video is his personal work that he is proud of.

According to the hacker, the vulnerability he discovered is not a new flaw in Apple’s iOS. "Instead, it is inside the code virtually forever," i0n1c says. However, it is incredibly interesting that the new code had nothing in common with CyberElevator for iOS 7.1.1.

The hacker posted the video along with a detailed note, which reads:

"Today I am delighted to share this video of a proof of concept iOS 8.4-beta 1 jailbreak that I was working on the last 4 days….I am not showing persistence or an untether at the moment because something is broken with it. But hey this is just a first proof of concept."

An untethered iOS jailbreak is one where your iOS device does not need to be connected, on each reboot, to an external device capable of executing commands on it.

Although he did not release any iOS jailbreak tool for 8.4 beta 1, hopefully we can expect one from the TaiG or PanGu teams, which work on finding iOS exploits. So keep an eye on them if you love Jailbreaking your iPhones.

If you are really upset with the Chrome browser's warnings that your HTTPS-enabled website contains insecure third-party content, warnings that sometimes drive your users to close the tab, Google has solved this problem for you.

With the release of the next version of Google's popular browser, Chrome 43, it may be easier for developers and system administrators to ensure HTTPS websites are not compromised by insecure HTTP resources.

Until now, Google's browser has flagged a 'mixed-content warning' in the form of a yellow triangle over the padlock if an HTTPS page loads any resource from an unencrypted HTTP URL.

What's mixed content? And…

...Why should I worry about Mixed content if I am using HTTPS on my web pages?

If, say, your website has HTTPS enabled but its pages load content, such as images, retrieved through regular, clear-text HTTP URLs, then the connection is considered only partially encrypted.

Partially encrypted communication means:

The unencrypted HTTP content on the secured web pages could be read by hackers and could also be modified by Man-in-the-Middle (MITM) attackers, which results in an insecure connection. A web page that behaves this way is called a mixed content page.

However, mixed content is no longer a problem:

As Google says, "mixed content checking causes headaches," therefore the company is introducing a new directive in the next version of its browser.

Chrome 43 – which is in beta right now but should be stable in May – will not flag any mixed content warning, thanks to a new browser Content Security Policy directive known as Upgrade Insecure Resources.

The search engine giant recommends enabling it via an HTTP response header, "Content-Security-Policy: upgrade-insecure-requests," if all the content is controlled by you.

However, if the insecure resources are served from a web server you don’t control, you can include the <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> tag in your page's <head>.

Now, this is something developers and system administrators will rejoice over, because a simple yellow triangle warning in the browser's address bar makes their users think twice about whether to keep browsing or close the tab.
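To see what the directive would change on a given page, the following added example (not code from Google or from the original article) checks whether a response opts in via the header or the meta tag and lists the plain-HTTP subresources that would be rewritten. The function names, the sample page and the example.* hosts are constructed for illustration, and the upgrade is modelled as a simple scheme rewrite.

```python
from html.parser import HTMLParser

DIRECTIVE = "upgrade-insecure-requests"
# Tag -> attribute that triggers a subresource fetch (plain <a href> is navigation).
FETCH_ATTR = {"img": "src", "script": "src", "iframe": "src", "audio": "src",
              "video": "src", "source": "src", "embed": "src", "link": "href"}

def has_directive(policy):
    """True if a CSP string (header value or meta content) carries the directive."""
    return any(d.split()[:1] == [DIRECTIVE]
               for p in policy.lower().split(",") for d in p.split(";"))

class MixedContentAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.meta_policy = False
        self.insecure = []  # (tag, url) pairs fetched over plain HTTP

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").lower() == "content-security-policy":
            self.meta_policy |= has_directive(a.get("content", ""))
        if tag == "link" and "stylesheet" not in a.get("rel", "").lower():
            return  # e.g. rel=canonical is a reference, not a fetch
        url = a.get(FETCH_ATTR.get(tag, ""), "").strip()
        if url.lower().startswith("http://"):
            self.insecure.append((tag, url))

def audit(headers, html):
    """Report how the page opts in and which HTTP fetches would be rewritten."""
    parser = MixedContentAudit()
    parser.feed(html)
    in_header = any(k.lower() == "content-security-policy" and has_directive(v)
                    for k, v in headers.items())
    return {"enabled_by": "header" if in_header else "meta" if parser.meta_policy else None,
            "insecure": parser.insecure,
            "upgraded": ["https://" + u[len("http://"):] for _, u in parser.insecure]}

# Constructed sample page (hosts are placeholders, not real sites).
SAMPLE_HTML = """<html><head>
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
<link rel="stylesheet" href="http://cdn.example.net/site.css">
</head><body>
<img src="http://images.example.net/logo.png">
<script src="https://static.example.com/app.js"></script>
<a href="http://partner.example.org/">partner</a>
</body></html>"""

if __name__ == "__main__":
    print(audit({"Content-Type": "text/html"}, SAMPLE_HTML))
```

The browser does not fall back to HTTP when an upgraded request fails, so every URL in the "upgraded" list should be confirmed to be reachable over HTTPS before the directive is turned on.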